annotate sat/plugins/plugin_comp_ap_gateway/regex.py @ 4015:2913313ca58f

component AP gateway (http): add verbose log when signature verification fails on POST request
author Goffi <goffi@goffi.org>
date Sat, 18 Mar 2023 20:12:38 +0100
parents 381340b9a9ee
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3741
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
1 #!/usr/bin/env python3
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
2
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
3 # Libervia ActivityPub Gateway
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
4 # Copyright (C) 2009-2022 Jérôme Poisson (goffi@goffi.org)
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
5
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
6 # This program is free software: you can redistribute it and/or modify
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
7 # it under the terms of the GNU Affero General Public License as published by
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
8 # the Free Software Foundation, either version 3 of the License, or
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
9 # (at your option) any later version.
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
10
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
11 # This program is distributed in the hope that it will be useful,
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
14 # GNU Affero General Public License for more details.
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
15
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
16 # You should have received a copy of the GNU Affero General Public License
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
17 # along with this program. If not, see <http://www.gnu.org/licenses/>.
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
18
3833
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
19 """Various Regular Expression for AP gateway"""
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
20
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
21 import re
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
22
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
23 ## "Signature" header parsing
3741
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
24
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
25 # those expression have been generated with abnf-to-regex
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
26 # (https://github.com/aas-core-works/abnf-to-regexp)
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
27
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
28 # the base RFC 7320 ABNF rules come from https://github.com/EricGT/ABNF
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
29
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
30 # here is the ABNF file used:
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
31 # ---
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
32 # BWS = OWS
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
33 # OWS = *( SP / HTAB )
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
34 # tchar = "!" / "#" / "$" / "%" / "&" / "`" / "*" / "+" / "-" / "." / "^" / "_" / "\'" / "|" / "~" / DIGIT / ALPHA
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
35 # token = 1*tchar
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
36 # sig-param = token BWS "=" BWS ( token / quoted-string )
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
37 # quoted-string = DQUOTE *( qdtext / quoted-pair ) DQUOTE
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
38 # qdtext = HTAB / SP / "!" / %x23-5B ; '#'-'['
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
39 # / %x5D-7E ; ']'-'~'
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
40 # / obs-text
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
41 # quoted-pair = "\" ( HTAB / SP / VCHAR / obs-text )
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
42 # obs-text = %x80-FF
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
43 # ---
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
44
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
45 ows = '[ \t]*'
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
46 bws = f'{ows}'
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
47 obs_text = '[\\x80-\\xff]'
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
48 qdtext = f'([\t !#-\\[\\]-~]|{obs_text})'
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
49 quoted_pair = f'\\\\([\t !-~]|{obs_text})'
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
50 quoted_string = f'"({qdtext}|{quoted_pair})*"'
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
51 tchar = "([!#$%&`*+\\-.^_]|\\\\'|[|~0-9a-zA-Z])"
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
52 token = f'({tchar})+'
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
53 RE_SIG_PARAM = re.compile(
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
54 f'(?P<key>{token}{bws})={bws}'
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
55 f'((?P<uq_value>{token})|(?P<quoted_value>{quoted_string}))'
eddab3798aca comp AP gateway: regular expression to parse `Signature` header:
Goffi <goffi@goffi.org>
parents:
diff changeset
56 )
3833
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
57
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
58
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
59 ## Account/Mention
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
60
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
61 # FIXME: naive regex, should be approved following webfinger, but popular implementations
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
62 # such as Mastodon use a very restricted subset
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
63 RE_ACCOUNT = re.compile(r"[a-zA-Z0-9._-]+@[a-zA-Z0-9-]+.[a-zA-Z0-9-]+")
381340b9a9ee component AP gateway: convert XMPP mentions to AP:
Goffi <goffi@goffi.org>
parents: 3741
diff changeset
64 RE_MENTION = re.compile(rf"(?<!\w)@{RE_ACCOUNT.pattern}\b")